发明名称 |
METHOD FOR EXPRESSING, STORING AND EDITING NETWORK SECURITY POLICY |
摘要 |
PURPOSE: A method for expressing, storing and editing a network security policy is provided to reduce development cost and time for policy-based network security management system, and to allow a designer to directly design an operation structure of a network security policy management tool, database schema and a structure of an object. CONSTITUTION: SecurityRule is a class for a rule object(200) including attributes of a rule itself. OnePacketCondition is a class for a condition object(310) indicating a condition for analyzing one packet. ConditionListType is an attribute indicating a combination method of each item for analyzing OnePacketCondition. VariableValueComparisonCondition is a class for condition objects(310a,310b) indicating a condition for comparing a field of a packet header with a value. Operator is an attribute indicating an operator to be used for checking. PayloadMatchingCondition is a class for a condition object(310c) for checking which content is included in a payload of a packet. PayloadVariable is a class for a variable object(310j) indicating a payload. AggregatedAlertAction is a class for an operation object(410a) indicating an alarming a rule applied situation. AggregatedAlertAction has an attribute of AlertDescription indicating descriptions for the rule applied situation. MessageStoreAction is a class indicating an operation object(410b) storing an alarm message. MessageShowAction is a class indicating an operation object(410c) outputting the alarm message.
|
申请公布号 |
KR20030062055(A) |
申请公布日期 |
2003.07.23 |
申请号 |
KR20020002465 |
申请日期 |
2002.01.16 |
申请人 |
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
BANG, HYO CHAN;JANG, JONG SU;KIM, GEON RYANG;KIM, GI YEONG;KIM, MYEONG EUN;KIM, SUK YEON;SON, SEUNG WON |
分类号 |
H04L12/22;H04L29/06;(IPC1-7):H04L12/22 |
主分类号 |
H04L12/22 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|